package com.samphanie.ane.core.security.authorize;

import com.samphanie.ane.core.properties.AneCoreProperties;
import lombok.RequiredArgsConstructor;
import org.springframework.core.Ordered;
import org.springframework.core.annotation.Order;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer;
import org.springframework.stereotype.Component;


/**
 * @Author ZSY
 * @createTime 2021/3/13 14:27
 */
@Component
@RequiredArgsConstructor
@Order(Ordered.HIGHEST_PRECEDENCE)
public class DefaultAuthorizeConfigProvider implements AuthorizeConfigProvider {

    private final AneCoreProperties aneCoreProperties;

    /**
     * 返回的boolean表示配置中是否有针对anyRequest的配置。在整个授权配置中，应该有且仅有一个针对anyRequest的配置
     * 如果所有的实现都没有针对anyRequest的配置，系统会自动增加一个anyRequest().authenticated()的配置。
     * 如果有多个针对anyRequest的配置，则会抛出异常。
     * @throws Exception 异常
     */
    @Override
    public boolean config(ExpressionUrlAuthorizationConfigurer<HttpSecurity>.ExpressionInterceptUrlRegistry config) throws Exception {
        return false;
    }
}
